mirror of
https://github.com/etesync/server
synced 2024-12-27 09:48:24 +00:00
Fix the host checks to only check against hostname.
Fixes https://github.com/etesync/etesync-web/issues/183
As discussed in #66
Continuation of 843b59a0ac
.
This commit is contained in:
parent
49da4ea666
commit
d893d35c6f
@ -708,7 +708,7 @@ class AuthenticationViewSet(viewsets.ViewSet):
|
|||||||
elif challenge_data["userId"] != user.id:
|
elif challenge_data["userId"] != user.id:
|
||||||
content = {"code": "wrong_user", "detail": "This challenge is for the wrong user"}
|
content = {"code": "wrong_user", "detail": "This challenge is for the wrong user"}
|
||||||
return Response(content, status=status.HTTP_400_BAD_REQUEST)
|
return Response(content, status=status.HTTP_400_BAD_REQUEST)
|
||||||
elif not settings.DEBUG and host.split(":", 1)[0] != request.get_host():
|
elif not settings.DEBUG and host.split(':', 1)[0] != request.get_host().split(':', 1)[0]:
|
||||||
detail = 'Found wrong host name. Got: "{}" expected: "{}"'.format(host, request.get_host())
|
detail = 'Found wrong host name. Got: "{}" expected: "{}"'.format(host, request.get_host())
|
||||||
content = {"code": "wrong_host", "detail": detail}
|
content = {"code": "wrong_host", "detail": detail}
|
||||||
return Response(content, status=status.HTTP_400_BAD_REQUEST)
|
return Response(content, status=status.HTTP_400_BAD_REQUEST)
|
||||||
|
Loading…
Reference in New Issue
Block a user